Leading Cause of Data Security Breaches Are Due to Insiders, Not Outsiders
Ponemon Study Reveals That the Most Likely Threat to Data Security Is Not the
Outsider, But Rather Negligent, Incompetent or Malicious Corporate Insiders
SAN FRANCISCO and TUCSON, Ariz., Feb. 8 /PRNewswire/ -- According to a recent study jointly released by Vontu Inc., the leader in Data Loss Prevention solutions, and the Ponemon Institute, a research institute dedicated to privacy management practices in business and government, the most likely threat to information security is not the typical hacker, virus or worm, but rather the malicious or careless corporate insider. The study, titled Ponemon Institute's Survey on Data Security Breaches, reveals that sixty-nine percent of companies reporting serious data leaks responded that their data security breaches were the result of either malicious employee activities or non-malicious employee error. In fact, the number one leading cause of data security breaches resulted from non-malicious employee error (39%). The Ponemon Institute concludes that these breaches are typically the consequence of complacency or negligence from lax or insufficient access controls to sensitive or confidential data. Only sixteen percent of serious data leaks were linked to hackers or external penetration. "The rise in identity theft and cyber crime has made data security a top- of-mind issue for many Americans as well as corporations," said Larry Ponemon of the Ponemon Institute. "Companies spend considerable resources to combat outsiders, and the data suggests they are successful. However, companies have begun to realize that to protect customer trust, company brand and competitive secrets, they must now focus on the threat within." "Organizations must become more aware of the source of information loss, and then they can adopt best practices to address the issue," said Joseph Ansanelli, CEO of Vontu. "This survey highlights the severity of the insider threat problem. We believe that companies need to focus not only preventing customer information loss, but also the loss of other confidential information such as source code, intellectual property, merger and acquisition information, design documents, network diagrams, and marketing documents." Of the 163 companies surveyed, seventy-five percent reported a serious security breach had occurred within the past twelve months. The survey also revealed the most common types of data security breaches. The majority of data breaches involved the loss of confidential business information, followed closely by the loss of personal customer information. The survey reports that of the top data security breaches: * 39% involved confidential business information * 27% involved personal information about customers * 14% involved intellectual property including software source code * 10% involved personal information about employees The study is a subset of results from a larger Ponemon study entitled Ponemon Institute's Corporate Data Security Practices. The research included questions about data security and privacy breaches occurring within a time period of twelve months. The results were captured over a five week period in Fall 2004. One hundred sixty-three companies were surveyed, with a majority being Fortune 1000 US companies. Other participating companies included large, non-publicly traded corporations, government entities and smaller public multinationals. To read the study, please visit http://www.vontu.com/news/resource_center.asp About the Ponemon Institute The Ponemon Institute(C) is a think tank dedicated to advancing responsible information management practices in business and government. To achieve this objective, the Institute conducts independent research to promote best practices, to educate leaders from the private and public sectors and to verify the privacy and data protection practices of organizations. The institute is headquartered in Tuscon, Arizona. For more information visit www.ponemon.org. About Vontu, Inc. Vontu is the industry's first Data Loss Prevention solution that stops confidential information, including customer data and intellectual property, from being sent outside the corporate network. Vontu solutions help customers reduce their financial risk, including remediation costs and legal exposure, protect brand equity and customer loyalty, and ensure compliance with internal policies and government regulations. Vontu customers include the Fortune 1000 and Global 2000 in financial services, manufacturing, retail, media, healthcare and telecommunications. More information about Vontu can be found at www.vontu.com.
SOURCE Vontu Inc.
Browse our custom packages or build your own to meet your unique communications needs.
Learn about PR Newswire services
Request more information about PR Newswire products and services or call us at (888) 776-0942.